[PATCH] NT Security Semantics
matt_zinkevicius at hp.com
Thu Apr 4 19:13:02 GMT 2002
Attached is the current version of the NT security semantics patch against
samba 2.2.3a. A quick overview of what this patch does:
- Add VFS calls to support extended attributes
- A reference VFS module for the XFS file system
on Linux is included (in samba/examples/VFS/xfs_ea)
- Add VFS calls for DOS attributes
- Store/retrieve NT security descriptors using above EA calls
- Implement Win2k style inheritance for NT ACLs
- Enforce security using NT semantics instead of UNIX sematics
- NOTE: This is a LARGE break from what samba currently
does, which is to just rely on UNIX permissions.
- Modified the VFS to allow modules to override a subset
of VFS calls, instead of overriding entire VFS.
- Because of this change, all current VFS modules will not
work unless upgraded to the new interface.
- This part of the patch should be discarded once stackable
VFS modules are implemented.
New smb.conf options: (all go in [global] section)
-store nt acls = True/False (default=False)
- Store NT security descriptors using the new EA VFS calls
- Note that the default implementation of these new EA VFS
calls just returns an error. You must use a VFS module that
overrides these calls.
-store dosmode = True/False (default=False)
- Store DOS attributes using new VFS calls
-nt security semantics = True/False (default=False)
- Security is enforced using NT semantics (effective permissions)
instead of UNIX semantics.
- Requires that "store nt acls" is true.
-sd cache size = ### (default=50)
- For performance reasons a security descriptor cache is
used. The number given to this option is the max number of
security descriptors in cache at any given time. This number
should be tuned for your specific workload.
- Only applicable when "store nt acls" is true.
With all of these options at the defaults settings samba will work
100% the same you're used to.
- During DACL auto-propagation on a directory, sometimes updated UNIX
permissions may not be fully propagated down the entire tree.
- Usually the owner of a file always has change ACL permissions,
but since samba opens a file before calling the VFS get_acl()
we must also give the owner of a file full read permissions.
- Using the new NT ACL code is mutually exclusive to using POSIX
ACLS in samba. I plan to fix this soon.
- At the VFS layer, there is not enough information about whether a
file is being opened for just reading or for executing, therefore
if a trustee has read permission they also have execute permission.
If anyone finds more problems let me know. This code is stable, as we
have been running it through full netbench benchmarks daily for
the last couple of months. The samba team is encouraged to incorporate
any parts of this patch that they deem worthy. I'm sorry this email
is light on details, especially since this is a large'ish patch. Feel
free to mail any questions to the list and I'll answer as soon as
Network Storage Array Solutions
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 17594 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20020404/e6cf3627/samba-2.2.3a-ntss.patch.obj
More information about the samba-technical